Google Tests New Crypto in Chrome to Fend Off Quantum Attacks

2 posts in this topic

FOR ANYONE WHO cares about Internet security and encryption, the advent of practical quantum computing looms like the Y2K bug in the 1990s, a countdown to an unpredictable event that might just break everything. The concern: hackers and intelligence agencies could use advanced quantum attacks to crack current encryption techniques and learn, well, anything they want. Now Google is starting the slow, hard work of preparing for that future, beginning with a web browser designed to keep your secrets even when they’re attacked by a quantum computer more powerful than any the world has seen.

The search giant today revealed that it’s been rolling out a new form of encryption in its Chrome browser that’s designed to resist not just existing crypto-cracking methods, but also attacks that might take advantage of a future quantum computer that accelerates codebreaking techniques untold gajillions of times over. For now, it’s only testing that new so-called “post-quantum” crypto in some single digit percentage of Chrome desktop installations, which will be updated so that they use the new encryption protocol when they connect to some Google services. But the experiment nonetheless represents the biggest real-world rollout ever of encryption that’s resistant to quantum attacks, and a milestone in the security world’s preparations to head off a potentially disastrous but still-distant quantum cryptopocalypse.

No Quantum Secrets?

“The reason we’re doing this experiment is because the possibility that large quantum computers could be built in the future is not zero. We shouldn’t panic about it, but it could happen,” says Google security engineer Adam Langley. Google’s also considering the possibility that sophisticated eavesdroppers could record scrambled secrets now and then crack them with techniques developed years or even decades later. For many ubiquitous forms of crypto including many forms of the TLS or SSL encryption protecting our web browsing, that would mean “any information encrypted today could be decrypted in the future by a quantum computer,” Langley says.

To stave off that secret-less future, Google is trying a two-year experiment: It’s switching the TLS web encryption in a test portion of Chrome installations and Google services from elliptic curve cryptography—a common form of encryption that can be practically unbreakable for normal computers—to a protocol that bolsters elliptic curves by adding in a new type of encryption known as Ring Learning With Errors or Ring-LWE. Cryptographers are hesitantly betting that unlike elliptic curve crypto, the Ring-LWE technique will be resistant to quantum codebreaking.

The Quantum Risk

No one can be sure yet of Ring-LWE’s immunity to quantum cracking techniques, points out Johns Hopkins cryptography professor Matthew Green. But he argues it’s still an important a step in the right direction. “It’s much better to use an algorithm where we don’t know of any quantum attacks versus the ones we know today to be broken by them,” says Green. “This is research stuff, not what you’d expect to be out there in the world. But it’s interesting that Google’s trying it anyway, even on a small percentage of browsers.”

To understand how quantum computing threatens common cryptographic techniques, consider the mind-bending way a quantum computer works. Instead of the normal bits in a computer chip that store a “one” or a “zero” setting in the form of an electric current, a “quantum bit” or “qubit” is designed to exhibit the deeply weird, fundamentally different physical properties that occur in particles at a sub-atomic level: A qubit can exist in an indefinite state that’s simultaneously a zero and a one at the same time—at least until it’s observed, at which point it “collapses” into one of those states or the other.

That means two qubits can, together, exist in four states at once (00, 01, 10, and 11), three can exist in eight at time, and so on. So while a traditional computer might have to cycle through enormous numbers of possible keys, trying one at a time before it randomly guesses the key that decrypts an encrypted message, a quantum computer can try vast swathes of possible keys essentially simultaneously, collapsing those simultaneous states into one fixed state only after cracking a scrambled message. And that can mean the difference between deciphering a message in minutes or in millenia.

Early Days

Quantum computing’s cryptographic skeleton key isn’t arriving particularly soon. An effective codebreaking quantum machine would have to have hundreds or thousands of qubits, cryptographers say. Cutting-edge quantum computers today have just a handful;one owned by IBM and made available for academic experimentation, for instance, has five qubits. (Quantum computing firm D-Wave, which has sold computers to Google, NASA, and Lockheed Martin, claims to sell quantum computers that boast more than a thousand qubits. But its machines are generally considered to have only some quantum properties and can’t be used for true quantum codebreaking, says Google’s Langley.)

Our Mod Team

Social Network

About Us

Our goal in opening Conspiracy Outpost is first and foremost to provide a forum atmosphere in which it's safe to post your thoughts and ideas without abuse from other members. Another goal is to allow discussion on subjects where other forums fear to tread or outright censor due to personal bias. We believe that freedom of speech doesn't mean freedom to abuse and ridicule others, we believe it is the freedom to intelligently discuss issues and any and all conspiracy theories without fear of persecution.